CVE-2013-5915

Priority
Description
The RSA-CRT implementation in PolarSSL before 1.2.9 does not properly
perform Montgomery multiplication, which might allow remote attackers to
conduct a timing side-channel attack and retrieve RSA private keys.
Notes
Package
Upstream:released (1.2.9)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (1.3.4-1)
Package
Upstream:released (1.2.9)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needs-triage)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [1.3.4-1])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2019-12-05 21:06:13 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)